X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/f6b1f8e7d642f82d830a71b78699a4349e0158e1..0d82dc37b36017c11fd37936bd76cfeea9516e2d:/doc/doc-txt/ChangeLog?ds=sidebyside diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index f7ab3c005..4306cabc0 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -2,35 +2,6 @@ This document describes *changes* to previous versions, that might affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. -Exim version 4.96.1 -------------------- - -This is a security release. - -JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which - could be triggered by externally-supplied input. Found by Trend Micro. - CVE-2023-42115 - -JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could - be triggered by externally-controlled input. Found by Trend Micro. - CVE-2023-42116 - -JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could - be triggered by externally-controlled input. Found by Trend Micro. - CVE-2023-42114 - - -JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address. - Make the rewrite never match and keep the logging. Trust the - admin to be using verify=header-syntax (to actually reject the message). - - -Exim version 4.next -------------------- - -HS/01 Fix string_is_ip_address() CVE-2023-42117 (Bug 3031) - - Exim version 4.97 ----------------- 
@@ -117,7 +88,7 @@ JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line JH/19 Bug 2911: Fix a recursion in DNS lookups. Previously, if the main option dns_again_means_nonexist included an element causing a DNS lookup which - iteslf returned DNS_AGAIN, unbounded recursion occurred. Possible results + itself returned DNS_AGAIN, unbounded recursion occurred. Possible results included (though probably not limited to) a process crash from stack memory limit, or from excessive open files. Replace this with a paniclog whine (as this is likely a configuration error), and returning 
@@ -222,17 +193,31 @@ JH/38 Taint-track intermediate values from the peer in multi-stage authentation JH/39 Bug 3023: Fix crash induced by some combinations of zero-length strings and ${tr...}. Found and diagnosed by Heiko Schlichting. -JH/40 Support list of dkim results in the dkim_status ACL condition, making - it more usable in the data ACL. +JH/40 Bug 2999: Fix a possible OOB write in the external authenticator, which + could be triggered by externally-supplied input. Found by Trend Micro. + CVE-2023-42115 + +JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could + be triggered by externally-controlled input. Found by Trend Micro. + CVE-2023-42116 + +JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could + be triggered by externally-controlled input. Found by Trend Micro. + CVE-2023-42114 + +JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address. + Make the rewrite never match and keep the logging. Trust the + admin to be using verify=header-syntax (to actually reject the message). -JH/43 Bug 3033: Harden dnsdb lookups against crafted DNS responses. +JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses. CVE-2023-42219 +HS/02 Fix string_is_ip_address() CVE-2023-42117 (Bug 3031) Exim version 4.96 ----------------- -JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from +JH/01 Move the wait-for-next-tick (needed for unique message IDs) from after reception to before a subsequent reception. This should mean slightly faster delivery, and also confirmation of reception to senders.
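Review bot: in the first hunk (@@ -2,35 +2,6 @@), deleting the entire "Exim version 4.96.1 / This is a security release." block removes the record that the Bug 2999/3000/3001 fixes (CVE-2023-42115, CVE-2023-42116, CVE-2023-42114) and the Bug 2903 fix were shipped as their own security release; the same entries reappear under 4.97 in the third hunk, but a reader of the 4.97 section can no longer tell they were first released in 4.96.1. If 4.96.1 was a published release, keep its heading with a one-line pointer (for example "fixes listed under 4.97 below") so the ChangeLog still shows which version first carried each CVE fix; if it was never released, a short note in the commit message saying so would make the deletion self-explanatory.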
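Review bot: in the third hunk (@@ -222,17 +193,31 @@), the old JH/40 entry "Support list of dkim results in the dkim_status ACL condition, making it more usable in the data ACL." is removed outright rather than renumbered, so that change no longer appears anywhere in the ChangeLog; it should be kept under a fresh number (the hunk already renumbers JH/43 to JH/44, so JH/45 is free). Two smaller points: "+HS/02 Fix string_is_ip_address() CVE-2023-42117 (Bug 3031)" was HS/01 in the removed 4.next section, and nothing in this diff shows an HS/01 under 4.97, so check that one exists there or keep HS/01; and that HS/02 line is inserted directly after the " CVE-2023-42219" context line with no blank line before it, unlike every other entry in the section, so a blank separator line is missing.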